Skip to main content

Edk Ii

3 CVEs product

Monthly

CVE-2021-28216 HIGH POC This Week

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Edk Ii
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0161 MEDIUM PATCH This Month

Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Memory Corruption Edk Ii
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-0160 CRITICAL Act Now

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Denial Of Service Edk Ii Leap +6
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 0% CVSS 7.8
HIGH POC This Week

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Edk Ii
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Memory Corruption +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Denial Of Service +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy